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1. INTRODUCTION 

The wave of sophisticated attacks on an organization's cybersecurity creates threats, risks, and 
challenges, raising national and international awareness of cybersecurity implications [1]. Risk is the 
possibility of an undesired event occurring due to uncertainty about information security [2], [3]. Risk 
management identifies, assesses, and prioritizes risks [4]. Servers are becoming important to today's Internet 
infrastructure [5]. Most web server architectures in use today are designed to improve server performance by 
using a single server. The author mentions that information security is the process of establishing and 
observing a set of strategies, policies, techniques, rules, guidelines, practices and procedures to prevent, 
protect and safeguard against damage, evidence, or theft of an organization's computer resources and to 
manage the risk by ensuring as much as possible the proper and uninterrupted operation of those resources 
[6]. Therefore, it is intended to know the use of digital technologies to facilitate the analysis and prevent the 
risks of information security in institutional servers, this prevention allows to keep the risks on computer 
resources to a minimum [7]. 
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2. METHOD 

The 2020 Prism methodology replaces the 2009 statement and includes a new presentation guide 
that reflects advances in methods of research identification, selection, evaluation, and synthesis [8]. A 
systematic review of the scientific literature will be used for the development of the article. The questions 
posed are the following: 

RQ1: what security methods allow for efficient server protection? 
RQ2: which security technologies can be used to ensure the security of the organization's servers? 
RQ3: which are the most frequent risks according to their origin and type? 

In order to answer the research questions, a search for published articles in the main database 
platforms such as IEEE Xplore, EBSCO, Science Direct, Scopus, and IOP Publishing. Database platforms 
such as IEEE Xplore, EBSCO, Science Direct, Scopus, and IOP Publishing. The following keywords were 
considered in the research search: (ALL ("defense technologies") AND ALL ("information security" OR 
“server security") AND ("information security") OR ("computer risks"). Figure 1 shows the collection of 
articles from each database respectively. For the development of the systematic review, the following aspects 
and inclusion and exclusion criteria were considered in Table 1. Figure 2 shows the flowchart of the item 
selection process following the Prisma statement. 


Table 1. Exclusion and inclusion criteria 


table 
Criteria 
Inclusion 101 Articles related to information 
technology. 
x Articles related to Information 
g 102 : 
a security. 
E 103 Articles related to information 
2 security analysis. 
S Articles related to information 
a 104 : 
2 risks. 
Articles related to IT risk 
105 A 
forecasting. 
Exclusion E01 Articles not related to 
computer servers. 
E02 Articles not oriented to the 


institutional sector 

Articles related to information 
E03 security, but oriented to 
Figure 1. Item inclusion graph companies. 
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Figure 2. Document inclusion and exclusion flowchart 
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3. RESULTS 

Fifty-eight articles were analyzed from the aforementioned databases, following the search equation. 
In the review of articles, 3 were excluded according to the exclusion criteria, and 4 did not contribute to 
answering the research questions. Finally, 51 articles were obtained for the systematic review. Figure 2 
shows the Prisma flow chart in the sequence of article collection. Figure 3 shows the number of articles 
found in the database. Figure 4 shows the number of articles published per month and the database. Figure 5 
shows the number of articles published by continent. Figure 6 shows the number of selected items grouped 
by database and category. Figure 7 shows the relationship between the origin (internal-external) and types of 
risk (business-process-technical). Figure 8 shows the number of selected articles published by country. 
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Figure 9 produced with VOSviewer. VOSviewer is a software tool for analyzing and visualizing 
scientific literature developed by Nees Jan van Eck and Ludo Waltman from the Center for Research in 
Science and Technology (CWTS) at Leiden University [9]. It can be seen in Figure 9(a) the history in years 
of the keywords with the most hits, as well as in Figure 9(b) the heat map where the words: computer 
security, security vulnerabilities, risk management and malware detection are highlighted, which aims to 
answer the research questions with the topics of the articles. 
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Figure 9. Network visualization graph; (a) co-occurrence grouped in clusters and (b) heat map 


Biometrics is a science that uses statistical and mathematical procedures in all documents related to 
scientific subjects and the authors who produce them. This is done to perform a scientific analysis of 
performance. To this end, it uses the laws of biometrics, which are based on conventional statistical behavior, 
which has been manifesting the various elements that constitute science over time. The mechanisms used to 
evaluate aspects of this phenomenon are the so-called biometric indicators, an evaluation that provides 
information on the outcome of scientific activity according to some of its manifestations. 

For this bibliometric analysis, we used RStudio with Bibliometrix, obtaining, as a result, Figure 10, 
which shows the word cloud collected from the keywords of the selected articles, and Figure 11, which 
shows the percentage of occurrence of each word, highlighting “security of data” and “network security”. 
Table 2 shows the classification of articles according to the results obtained. Table 3 shows the classification 
of articles according to the technologies and methods used. Table 4 shows the classification of articles 
according to categories and topics of functionality. Table 5 shows the classification of articles according to 
types of risks and origin. 


Bulletin of Electr Eng & Inf, Vol. 13, No. 3, June 2024: 2142-2153 


Bulletin of Electr Eng & Inf ISSN: 2302-9285 O 2147 


design and implementations 
defence technology SECUTILY Vulnerabilities 
effectiveness evaluation comple: networks 
blockchain decision making natural language processing 
information lea big data covert communications 
—— atura language pr ocessing systems 


uea rans cryprogranhy FISK ASSESSMENT honeynots «ne 
information security technologies 


smsem AR OMAN SECUFITY FISKS «== 


computer neta orks 
data privacy network information securities 
asgiication (o (of information) #¢rsonal computing 
Scomputer crime machine learning 
“stnetworks Security artic intelligencedetection methods 
clechemasnetic information CONVOlutional neural networks steganogranhy 
information manayement artificial intelligence technologies 


computer operating systems security problems 
electromagnetic emissions Jata communication systems 
diffusion of innovation theory 


Figure 10. Word cloud 


information computer cime 
security risks a 
6 2% 
3% 
5 Em R 
3% 
network information F a z E] 
securities 
5 formatic 
saa ape 


3% 


information security 
technologies 


classification (of 
information) 

4 

2% 


Figure 11. Tree map 


Table 2. Classification of articles according to the results obtained 


Category Ref. 

IT security analysis [9]-[27] 
Threat detection [28]-[31] 
Network risk management [2], [32]-[34] 
Security methods [5], [35]-[44] 
Security policies [45]-[50] 

IT Security [1], [51]-[62] 
Server vulnerabilities [63], [64] 
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Table 3. Classification of articles according to methods and technologies 


Methods and technologies Ref. 
SSH key implementation [13], [14] 
Public key infrastructure and SSL/TLS encryption [20], [21], [27], [28], [34], [43], [51], [54] 
Audits of deployed services [37], [38] 
Implementation of VPN and private networks [20], [21] 
Firewall insertion [26], [27] 
Computer auditing and intrusion detection systems (IDS). [24]-[27], [43] 
Isolated execution and testing environments [9], [22], [23] 


Table 4. Classification of items according to categories and topics of functionality 


Themes and funcionality Ref. 


These articles argue that the identification of IT resources, their vulnerabilities and the threats to which they are [9]-[27] 
exposed, and their probability and impact, in order to determine the appropriate control measures to accept, reduce, 

transfer or prevent the risk. 

These articles argue that the search for external actors or malicious intruders in the network cannot be detected by [28]-[30] 
automated security systems. This analysis can be performed with varying degrees of automation or completely 

manually. in general. 

This article argues the use of alternatives to manage the risks to which IT resources may be exposed as part of the [2], [32]-[34] 
organization's processes. This means a well-defined structure with full control and implementation through feasible 

and effective actions. 

These articles argue that the use of computer security technology and activities is aimed at ensuring the integrity, [5], [35]-[43] 
availability, and security of data stored in a digital environment. 

These articles argue that the use of technology and security policies and implementation as well as the responsible [44]-[49] 

use of the organization's resources must be part of the systems implemented for proper management and legal 

compliance. 

This article argues that the use of digital technologies and cybersecurity strategies prevent unauthorized access to an [1], [50]-[62] 
organization's resources, such as computers, networks, and data. It maintains the integrity and secrecy of confidential 

information and blocks access by experienced hackers. 

These articles argue that server security is as important as network security because they often contain large amounts [63] 

of important organizational information. 


Table 5. Classification of items according to types of risks and origin 
Type of risk Origin of risk Ref. 

Business External [13], [22] [34], [37], [60] 
Internal [2], [5], [11], [20], [24], [26], [27], [52], [53], [55], [59] 

Process External [9], [10] [15], [19], [26]-[29], [35], [48] 
Internal [18], [23], [32], [38], [43], [49], [50] [63] 

Technical External [1], [39], [40], [44], [46], [54], [61] 
Internal [13], [14], [16], [17], [21], [30], [33], [41], [42], [45], [47], [51], [56]-[58], [62] 


4. DISCUSSION 

This systematic review of the scientific literature aims to answer the questions posed: 
RQ1. Which security methods allow to carry efficient protection for servers? 

According to Table 3, it can be observed that the most used technologies that allow carrying 
efficient protection for servers are public key infrastructure and SSL/TLS encryption. Semerdzhiev et al. 
[22] mentions that SSH keys can be used for server authentication. This allows us to understand the security 
that this technology has because the user maintains a private key which is kept securely as a secret on the 
other hand the public key can be used by different users without restriction. According to Figure 7, it can be 
determined that the articles that are similar to the research topic use public key infrastructure technology and 
SSL/TLS encryption. This result gives us to know which technologies are the most used to ensure the 
protection of servers. Wang et al. [23] mentions that a security method that allows the efficient protection of 
servers is to use active collection and passive collection technologies of devices. With this technology, it will 
be possible to effectively identify the state of the devices in order to detect their behavior. According to 
Table 1, the categories of articles are determined in relation to the research topic, these use the technology of 
"IT security analysis". The result shows that this category is the most recommended for use in the security of 
institutional servers. 

RQ2. What security technologies can be used to ensure the security of the organization's servers? 

According to Figure 7, it can be determined that the articles that have similarities to the research 
topic use IT security analysis technology. This result shows us which technologies are the most used to 
ensure the protection of servers. Wang et al. [23] mentions that SMTP/MYSQL/RDP/DNS/HTTP protocols 
guarantee the security of servers since they prevent brute force attacks such as ransomware, network attacks, 
worms, and Trojans. On the other hand, the study [59] mentions that different approaches can be taken to 
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secure the network and servers. IDS technologies in conjunction with a firewall can detect threats that further 
ensure the security of the organization's servers because it can detect malicious packets coming from network 
traffic in time. According to Table 1, it can be seen that the categories of the articles related to the topic in 
question use the "public key infrastructure and ssl/tls encryption" (the server interconnects the business 
services and the availability of information) and "computer auditing and IDS". The result indicates that these 
technologies are the most frequently used in the security of organizational servers. Table 2 shows the 
functionalities and characteristics of the aforementioned categories using "IT auditing and IDS". 

RQ3: What are the most frequent risks according to their origin and type? 

According to Figure 7, it can be seen that the risks with the highest number are technical and the 
origin is internal. It can also be seen in the graph that the origin of the risks comes from internal factors of the 
institution. On the other hand, it can be identified that the technical risks can considerably affect the 
institutional servers, this information will allow us to take preventive and corrective measures to avoid a 
malfunction of the servers. According to Table 3, we can determine the categories of the types and origins of 
computer risks based on the articles reviewed, this allows us to see their effects can be detrimental, therefore, 
it is advisable to plan control measures. The study [37] mentions the risk of server outages, which are mainly 
caused by denial-of-service attacks or DdoS attacks, which are considered more frequent due to the fact that 
over the years new technologies have emerged and there has been a considerable increase in attacks, putting 
information security at risk. According to the author in his study [65], he mentions that the most frequent 
risks come from internal factors due to bad data manipulation, as the servers are constantly under constant 
risk and highly vulnerable and these are mainly the points for external factors such as attackers to develop 
different mechanisms to vulnerate and expose the information. 


5. PROPOSITION 

As an application proposal, we recommend an implementation that includes aspects such as SSH 
keys, public key infrastructure, and SSL-TLS encryption to prevent threats and negative impacts such as loss 
of reputation, information theft, paralysis of communications, and availability of information, as show in 
Figures 12 and 13. The implementation of this technology makes sense when the company is growing since it 
requires a great economic and management effort. Initially, a certificate authority and certificate manager are 
needed for the servers, which allows each of the entities integrated into the infrastructure to encrypt traffic 
and identify users, thus preventing a server spoofing attack used by attackers to intercept traffic. During the 
implementation period, the use of a VPN is recommended to secure communications until the SSL 
infrastructure is operational. 
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Figure 12. SSL/TLS encryption model graph 
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6. RELATED TASK 

In this systematic review, 58 articles were selected for the identification of techniques and methods 
in the prevention of computer risks in institutional servers, as well as the security techniques with the best 
effectiveness according to the results of other research, such as the most used methods and the largest number 
of researches according to the type of method, countries, and continents. It coincides with the applied 
implementation [34] of SSL Keys, where it is specified that all connections to the server are made by using 
public and private keys, dispensing with passwords, its implementation allowed for mitigating server 
simulation attacks and dictionary and brute force attacks. We agree with the studies [27] in identifying the 
public key infrastructure and SSL/TLS encryption since they argue that the use of this computer security 
technology is aimed at ensuring the integrity, availability, and security of data stored in a digital 
environment. Also, in the study [28] where the use of firewalls and VPN networks where communications 
are private and can be mapped and monitored, only the servers that have been designed for connections with 
customers will be the only ones exposed on the public internet, leaving the servers of the internal network 
protected. Those systematic review researches conducted focus on server risk prevention by focusing on 
techniques based on the use of SSH keys, and periodic computer audit applications published between the 
year (2014 to 2022). 


7. CONCLUSION 

After the systematic review of the scientific literature of 58 articles related to the research topic, it is 
concluded that: the most susceptible risk factors are those originating internally due to poor data 
management, as servers are exposed to constant and highly vulnerable risks. The methods or techniques that 
allow reducing and preventing risks in institutional servers are the methods and technologies associated with 
the "Implementation of SSL technologies and VPN private networks". In such a way, the research articles’ 
analysts validate the effectiveness of the most used methods and tools. The data obtained from this 
systematic review can help future research on the most effective technologies and methods for preventing 
computer risks on servers. 
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